Application No.: 10/627,019 



Docket No.: 03226/503001; P8951 



AMENDMENTS TO THE CLAIMS

Please amend the claims as follows. 

1. (Previously Presented) A method of providing a circle of trust comprising:

receiving a first certificate of a first server by a second server;

storing said first certificate of said first server in a first trusted partner list accessible by said second server;

receiving a second certificate of said second server by said first server; and

storing said second certificate of said second server in a second trusted partner list accessible by said first server,

wherein access by a client to a resource associated with said first server is controlled as a function of said first trusted partner list.

2. (Previously Presented) The method according to Claim 1 further comprising:

initiating use of said resource by said client, wherein an authentication assertion reference is provided by said client;

determining an identity of said second server as a function of said authentication assertion reference;

sending an authentication request containing said first certificate of said first server to said second server;

determining if said first certificate is contained in said first trusted partner list of said second server;

sending an authentication assertion indicating that said client has been authenticated, from said second server to said first server when said first certificate is contained in said first trusted partner list of said second server;

sending an authentication assertion, indicating that said client has not been authenticated, from said second server to said first server when said first certificate is not contained in said first trusted partner list of said second server; and

providing said resource to said client by said first server when said authentication assertion indicates that said client has been authenticated.

3. (Previously Presented) The method according to Claim 2, further comprising: 

logging-on to said second server by said client; and 
authenticating said client by said second server. 

4.-7. (Canceled)

8. (Previously Presented) A method of providing a circle of trust comprising: 

initiating use of a resource associated with a relying server by a client, wherein an 
authentication assertion reference is provided by said a client to said 
relying server, and wherein said authentication assertion reference is 
provided to said client by an issuing server; 

determining an identity of said issuing server as a function of said authentication 
assertion reference; 

sending a first authentication request comprising a certificate of said relying server to said issuing server;

determining if said certificate is contained in a trusted partner list of said issuing server;

sending an authentication assertion, indicating that said client has been 
authenticated, from said issuing server to said relying server when said 
certificate is contained in said trusted partner list of said issuing server; 

sending an authentication assertion, indicating that said client has not been 
authenticated, from said issuing server to said relying server when said 
certificate is not contained in said trusted partner list of said issuing server; 
and 

providing said resource to said client by said relying server when said 
authentication assertion indicates that said client has been authenticated. 

9. (Canceled) 

10. (Canceled)

11. (Previously Presented) The method according to Claim 8, further comprising:

logging-on to an issuing server by said client; and 
authenticating said client by said issuing server. 

12. (Previously Presented) A system for providing a circle of trust comprising: 

a first server comprising: 

a first administration module; and 

a first trusted partner list communicatively coupled to said first 
administration module; and 
a second server comprising: 

a second administration module; and 

a second trusted partner list communicatively coupled to said second 
administration module, 
wherein access by a client to a resource associated with said first server is 
controlled as a function of said second trusted partner list. 

13. (Previously Presented) The system for providing a circle of trust according to claim 12, wherein said first administration module receives a credential of said second server.

14. (Previously Presented) The system for providing a circle of trust according to claim 13, wherein said first administration module stores said credential of said second server in said first trusted partner list.

15. (Original) The system for providing a circle of trust according to Claim 14, wherein 
said credential comprises a certificate. 

16. (Canceled) 

17. (Currently Amended) The system for providing a circle of trust according to Claim 12, further comprising:

said client; 

said first server communicatively coupled to said client and said second server, 

wherein said first server further comprises: 

a first session module; and 

a first authentication module; and 
said second server communicatively coupled to said client and said first server, 

wherein said second server further comprises: 

a second session module; and 

a second authentication module. 

18. (Previously Presented) The system for providing a circle of trust according to Claim 
17, wherein said second session module determines an identity of said first server as a 
function of an authentication assertion reference received from said client. 

19. (Previously Presented) The system for providing a circle of trust according to Claim 
17, wherein said first session module determines a trusted status of said second server 
as a function of a certificate received from said second session module. 

20. (Canceled) 

21. (Canceled) 

22. (Previously Presented) The system for providing a circle of trust according to Claim 
17, wherein said first session module provides for secure transfer of information for 
authenticating said client. 

23. (Original) The system for providing a circle of trust according to Claim 22, wherein 
said first session module generates and processes SAML requests and assertions 
contained in SOAP envelopes. 

24. (Canceled)

25. (Canceled) 

26. (Canceled) 

27.-36. (Canceled)